What search engines store about you
You may not be as anonymous as you think when you send a query to a surf engine. If you allow the search engines to put cookies on your computer, they may have collected a lot of personal information. Even without the cookie, your IP will be noted. I’ve posted about this before but it doesn’t hurt to mention it again. An article at InfoWorld gives a run-down on what goes on when you search:
What if there were a giant database that contained your hidden insecurities, embarrassing medical questions, and the fact that you still think from time to time about your high-school girlfriend? Well, such a data store does exist — if you’ve ever plugged such private topics into a search engine.
The fact is, search engines such as Google, Yahoo, and Microsoft Live Search all record and retain in their vast data banks any term that you query in addition to the date and time your query was processed, the IP address of your computer, and a cookie-based unique ID that — unless you delete it — enables the search engine to continue to know if requests are coming from that particular computer, even if the connection changes.
Law enforcement agencies have used search records in criminal cases and the article points out:
The upshot: If someone were to ask one of these search engine companies to produce a list of IP addresses or cookie values that searched on a particular search term, they conceivably could. Or, conversely, given an IP address or cookie value, the search engine firm could produce a list of terms searched by the user of that address or cookie value.
Although most ISPs rotate your IP over time, the IP records can be used to identify you if the ISP is willing to search its logs:
Even if you didn’t provide any personal information, an IP address alone could be traced back through a reverse DNS lookup to the Internet service provider and city of the IP address, according to Danny Sullivan, editor in chief of Search Engine Land, a blog dedicated to search news. Contacting the ISP could result in a positive identification of the account holder by finding out which account accessed the search engine at the time recorded in the search log.
Last year, reporters at The New York Times didn’t even need an IP address to track down the identity of an AOL user when AOL published anonymous search logs of 500,000 users over a three-month period. The identification was made possible simply based on the specificity of the search terms the user queried, such as real estate searches in the small town where she lived.
For many surfers, simply blocking tracking cookies will probably provide sufficient privacy and that is what I do. Anti-spyware programs will also detect and remove tracking cookies. But for real anonymity, something like a proxy service may be necessary. Do your surfing from a thumb drive with a program like Torpark and you’ll be pretty hidden. It might slow your surfing, however.
Any readers have experience with anonymizers?